Title: REST API
Last modified: February 15, 2017

---

# REST API

 *  [sroskylos](https://wordpress.org/support/users/sroskylo1/)
 * (@sroskylo1)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/rest-api-14/)
 * How to block requests in [http://www.website.com/wp-json/wp/v2/posts/](http://www.website.com/wp-json/wp/v2/posts/)?
 * Someone checking this url
    -  This topic was modified 9 years, 3 months ago by [sroskylos](https://wordpress.org/support/users/sroskylo1/).

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [bluebearmedia](https://wordpress.org/support/users/bluebearmedia/)
 * (@bluebearmedia)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/rest-api-14/#post-8808072)
 * If you’re talking about the recent REST API exploits, then you need to upgrade
   your WordPress version to 4.7.2 to patch the hole.
 *  Thread Starter [sroskylos](https://wordpress.org/support/users/sroskylo1/)
 * (@sroskylo1)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/rest-api-14/#post-8809451)
 * I have already updated to 4.7.2 How can i disable this query?
 *  [wfalaa](https://wordpress.org/support/users/wfalaa/)
 * (@wfalaa)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/rest-api-14/#post-8817918)
 * Hi,
    There are a [bunch of plugins](https://wordpress.org/plugins/search.php?type=term&q=disable+REST+API)
   that offer disabling REST API, but WordPress doesn’t recommend that as mentioned
   in REST API FAQs [here](https://developer.wordpress.org/rest-api/using-the-rest-api/frequently-asked-questions/#can-i-disable-the-rest-api),
   and you may want to take a look at [this ticket](https://core.trac.wordpress.org/ticket/39806#comment:2)
   too.
 * As long as you have already upgraded to WordPress 4.7.2, your website should 
   be safe from being a target for this vulnerability, also not to forget that in
   Wordfence you have the option to “[Immediately block IPs that access these URLs](https://docs.wordfence.com/en/Wordfence_options#Immediately_block_IP.27s_that_access_these_URLs)”
   and it supports wildcards.
 * Thanks.
    -  This reply was modified 9 years, 3 months ago by [wfalaa](https://wordpress.org/support/users/wfalaa/).
    -  This reply was modified 9 years, 3 months ago by [wfalaa](https://wordpress.org/support/users/wfalaa/).

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘REST API’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

 * 3 replies
 * 3 participants
 * Last reply from: [wfalaa](https://wordpress.org/support/users/wfalaa/)
 * Last activity: [9 years, 3 months ago](https://wordpress.org/support/topic/rest-api-14/#post-8817918)
 * Status: not resolved